7 matches found
CVE-2026-0281
An information disclosure vulnerability in Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to the management web interface to obtain web session tokens. This requires a legitimate user to first click on a malicious link provided by the attacker. The...
CVE-2026-0285
CVE-2026-0285 : PAN-OS contains a server-side request forgery (SSRF) vulnerability that can be exploited by an authenticated administrator with network access to the management web interface, allowing unauthorized requests from the firewall to internal services. Affected relationships from the so...
CVE-2026-0288 PAN-OS: Buffer Overflow Vulnerabilities in User-ID Terminal Server Agent
Multiple buffer overflow vulnerabilities in the User-ID Terminal Server Agent TSA component of Palo Alto Networks PAN-OS software allow an unauthenticated attacker with network access to cause a denial of service DoS condition or potentially execute arbitrary code by sending specially crafted...
Palo Alto Networks PAN-OS 10.2.x / 11.1.x / 11.2.x / 12.1.x Vulnerability
The version of Palo Alto Networks PAN-OS running on the remote host is a vulnerable version of 10.2.x, 11.1.x, 11.2.x, or 12.1.x. It is, therefore, affected by a vulnerability. Multiple buffer overflow vulnerabilities in the User-ID Terminal Server Agent TSA component of Palo Alto Networks PAN-OS...
CVE-2025-0111 PAN-OS: Authenticated File Read Vulnerability in the Management Web Interface
An authenticated file read vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user. You can greatly reduce the risk of this issue by...
CVE-2025-0111 PAN-OS: Authenticated File Read Vulnerability in the Management Web Interface
An authenticated file read vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user. You can greatly reduce the risk of this issue by...
PAN-OS: Arbitrary File Delete Vulnerability in the Command Line Interface (CLI)
A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system restrictions in the management plane and delete files on the firewall. Work around: We strongly recommend customers to ensure access to your management interface is...